If the statement will produce a result set, call
mysql_stmt_result_metadata()
to obtain the result set metadata. This metadata is itself in
the form of result set, albeit a separate one from the one
that contains the rows returned by the query. The metadata
result set indicates how many columns are in the result and
contains information about each column.

Set the values of any parameters using
mysql_stmt_bind_param(). All
parameters must be set. Otherwise, statement execution returns
an error or produces unexpected results.

The server parses the statement and sends the okay status back
to the client by assigning a statement ID. It also sends total
number of parameters, a column count, and its metadata if it
is a result set oriented statement. All syntax and semantics
of the statement are checked by the server during this call.

The client uses this statement ID for the further operations,
so that the server can identify the statement from among its
pool of statements.

The client uses the statement handle and sends the parameter
data to the server.

The server identifies the statement using the ID provided by
the client, replaces the parameter markers with the newly
supplied data, and executes the statement. If the statement
produces a result set, the server sends the data back to the
client. Otherwise, it sends an okay status and the number of
rows changed, deleted, or inserted.

When mysql_stmt_fetch() is called,
the MySQL client/server protocol performs these actions:

The client reads the data from the current row of the result
set and places it into the application data buffers by doing
the necessary conversions. If the application buffer type is
same as that of the field type returned from the server, the
conversions are straightforward.

Prepared Statement Logging

For prepared statements that are executed with the
mysql_stmt_prepare() and
mysql_stmt_execute() C API
functions, the server writes Prepare and
Execute lines to the general query log so that
you can tell when statements are prepared and executed.

As a result of the preceding calls, the server writes the
following lines to the general query log:

Prepare [1] SELECT ?
Execute [1] SELECT 3

Each Prepare and Execute
line in the log is tagged with a
[N] statement
identifier so that you can keep track of which prepared statement
is being logged. N is a positive
integer. If there are multiple prepared statements active
simultaneously for the client, N may be
greater than 1. Each Execute lines shows a
prepared statement after substitution of data values for
? parameters.